COINTURK NEWSCOINTURK NEWSCOINTURK NEWS
  • Real-Time News Feed
  • Bitcoin
  • Altcoin
  • Ethereum
  • Technology News
  • Advertise
  • Contact
  • TURTURTUR
  • ESESES
Search
© 2024 COINTURK NEWS. All Rights Reserved.
Reading: Cyber Attacks Target Cryptocurrency Investors: Stay Alert and Informed
Share
Languages
  • TürkçeTürkçe
  • EspañolEspañol
Font ResizerAa
COINTURK NEWSCOINTURK NEWS
Font ResizerAa
Search
  • Real-Time News Feed
  • Bitcoin
  • Altcoin
  • Ethereum
  • Technology News
  • Advertise
  • Contact
  • TURTURTUR
  • ESESES
Follow US
© 2025 BLOCKCHAIN Information Technologies. >> COINTURK NEWS
Powered by LK SOFTWARE
COINTURK NEWS > Cryptocurrency Security > Cyber Attacks Target Cryptocurrency Investors: Stay Alert and Informed
Cryptocurrency Security

Cyber Attacks Target Cryptocurrency Investors: Stay Alert and Informed

In Brief

  • Cyber attacks on crypto investors are increasing in complexity.

  • Be vigilant and verify all communications and website URLs.

  • Use unique, complex email addresses for cryptocurrency exchanges.

Fatih Uçar
Fatih Uçar 3 weeks ago
Share
SHARE

One of the core developers of ENS became the target of a cyber attack, highlighting how vulnerable cryptocurrency investors can be. Even professionals can fall prey to these traps, potentially resulting in significant losses for a large portion of the crypto investing community. What are the details of this incident? What should investors be cautious about?

Contents
Google Vulnerabilities and CryptocurrenciesDetails of the Attack

Google Vulnerabilities and Cryptocurrencies

Cybercriminals continue to pursue unjust gains using various methods. Fake product advertisements, AI-driven deceptive investment opportunity videos, viruses, and phishing attacks make it imperative for investors to exercise extreme caution.

Nick, a well-known name in the crypto community, fell victim to attackers using two unresolved security vulnerabilities in Google’s infrastructure.

“Recently, I was targeted by a highly sophisticated phishing attack, which I want to emphasize here. This attack exploits a security flaw in Google’s infrastructure, and since they refuse to fix it, we can expect to see such attacks more frequently. Here is the email I received;”

“The first thing to note is that this is a valid, signed email – it was indeed sent from no-reply@googlecom. It passes DKIM signature checks, and Gmail displays it without any warnings – even placing it in the same thread as other legitimate security alerts.”

DKIM (DomainKeys Identified Mail) is a security protocol that verifies the identity of the email sender and guarantees that the email has not been altered in transit.

Details of the Attack

To enhance the credibility of a fake website, attackers utilize Google’s site feature to easily lure their victims at the moment of shock. The site link directs you to a very convincing “support portal” page, where attackers urge the victim to log into their account.

“Here’s how it works: First, they register a domain name and create a Google account for ‘me@domain.’ The domain name isn’t crucial, but it helps it appear like a form of infrastructure. As you’ll see shortly, choosing ‘me’ as the username is clever.

Next, they create a Google OAuth application. For the application’s name, they input *the entire text of the Phishing message* – including new lines – followed by multiple spaces and “Google Legal Support.”

They grant access permissions to the OAuth application for the ‘me@…’ address. This generates a ‘Security Warning’ message sent from Google to the ‘me@…’ email addresses. Since the email is generated by Google, it is signed with a valid DKIM key and passes all checks.

Finally, they relay the message to the victims. DKIM only validates the message and header, confirming the envelope; therefore, the message passes signature validation and appears as a legitimate message in the user’s inbox – even within the same thread as legitimate security alerts.

Because they label Google accounts as ‘me@’, Gmail indicates that the message was sent to ‘me’ at the top; this avoids another indicator that might raise red flags.

I reported this issue to Google; unfortunately, they closed it by stating, ‘It Works As Intended,’ explaining they do not see this as a security flaw. Clearly, I disagree – but until they change their minds, be cautious of deceptive security alerts from Google.”

This complex hacking method seems to be used by more professional attackers. However, average cryptocurrency investors could also fall victim as methods become more widespread. Therefore, ensure you check the URL bar multiple times during all login sessions to confirm you are on the original website and login page. Be cautious with emails that excite you (lawsuits, account closures, etc.) and verify everything more than once before taking action.

Additionally, refrain from using the email address associated with exchanges for any other purposes, and note that complex email addresses composed of letters and numbers are less likely to be targeted in potential attack emails.

You can follow our news on Telegram, Facebook, Twitter & Coinmarketcap
Disclaimer: The information contained in this article does not constitute investment advice. Investors should be aware that cryptocurrencies carry high volatility and therefore risk, and should conduct their own research.

You Might Also Like

Crypto Market Faces Severe Security Breaches in April

Catch Fraudsters with Revealing Identity and Background Lies

Hackers Breach TRON DAO’s Official Account with Ingenious Tactics

Ledger Alerts Users About Deceptive Letters Targeting Wallet Security

Investigative Insights Expose Shocking Bitcoin Theft

Fatih Uçar 16 April, 2025 - 7:00 pm 16 April, 2025 - 7:00 pm
Share This Article
Facebook Twitter
Share
Previous Article Bitcoin Investors Split: Short-Term Traders Struggle While Long-Term Holders Thrive
Next Article Financial Strategies Shift as Fed Stays Cautious on Interest Rates
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

8.1k Like
21.1k Follow
1.1k Follow

Latest News

Bitcoin Climbs Over Ichimoku: Will Other Cryptos Follow its Lead?
Bitcoin (BTC) Cryptocurrency News
Bitcoin Surges to New Highs as Institutional Interest Intensifies
Cryptocurrency News
Crypto Analyst Warns of Short-Term Correction in Ethereum and Solana
Ethereum (ETH)
Binance Spurs a Twist as Doodles Token Value Dips
Binance
//

COINTURK was launched in March 2014 by a group of technology enthusiasts who believe that Bitcoin will be as important as the internet in the world of the future thanks to the amazing technology underlying it.

CRYPTOCURRENCY LIVE PRICES

  • Bitcoin (BTC) Live Price
  • Ethereum (ETH) Live Price
  • Ripple (XRP) Live Price
  • Solana (SOL) Live Price
  • Dogecoin (DOGE) Live Price
  • Cardano (ADA) Live Price
  • Chainlink (LINK) Live Price

OUR PARTNERS

  • COINMARKETCAP
  • COINGECKO
  • BITCOINHABER
  • BH NEWS
  • 21MILYON
  • NEWSLINKER

OUR COMPANY

  • About Us
  • Cookie Policy
  • Advertising
  • Contact
COINTURK NEWSCOINTURK NEWS
Follow US
© 2025 BLOCKCHAIN Information Technologies. >> COINTURK NEWS
Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Lost your password?